Security Objectives has developed numerous proprietary tools for software assurance and testing. Enhanced versions of our software will be offered in the future. Security Objectives is currently developing a dynamic binary analysis tool that automates the process of discovering bugs in applications; it is a highly advanced debugger with specialized fuzzing capabilities.
Native binary tainting systems and intelligent input set generation features coupled with parallelization allow it to quickly cover the most relevant test cases. Benchmarks for graphics file format parsers are in the tens of thousands of cases per second. Users have the option to interact with specific cases via actionable conditions on test results.
We now have a one-click deployment of an interactive .NET interface that demonstrates our product's features. Go ahead and test out our meta-data backing store for Microsoft's symbol library! To enable various capabilities of our heavyweight dynamic binary instrumentation framework, significant work has been done to ensure a rich and verbose metadata capability. This capability, leveraging Microsoft C#/LINQ, ensures interoperability with a significant amount of pre-existing XML/XSD based declarative development platforms. Strongly typed code such as binary EXE/DLL(RTTI) or PDB files and loosely typed code files can be used during the XML metadata generation phase.
This project, codenamed RADE (Rapid Application Debugging Environment) features deep introspection that allows the user to dynamically construct 4-D (over time) animated visualizations rendered with WPF. These memory structure representations display detailed contextual data including cross-references between the heap and stack. Here are some preliminary examples.
The product will be beta-ready in Q4 of 2008. Developer productivity will be greatly enhanced by removing them from the security process--no needless security tools for the non-security professional. Stop fighting the vulnerability war and achieve security sovereignty. Contact us directly for more information.
Find out more about our services.